The controller, DPO and data processing

The data processing owner is the University of Turin, Via Verdi 8 10124 Torino. Telephone: +39 011 6706111, certified email address: [email protected].

The legal representative is the Rector of the University of Turin.

The data protection officer (DPO)’s email address is [email protected].

Data processing connected to University portal services are mostly managed by university departments but also by third parties who are under contract as suppliers, developers or maintenance workers.

An example could be: 

Cineca – Inter-university Consortium for student, staff, company and supplier data.

The University of Turin uses Cineca IT services and infrastructure in its management of courses, research, accounting, online documents, the Portal, MyUniTO + apps and other accessory services. Google LLC - for student and staff data
The University of Turin uses Google educational solutions for staff and student University email addresses, analytics for managing University website statistics and solutions for collaborating on line (drives, etc) and interactive maps.

• Microsoft Corporation – for student and staff data
  The University of Turin uses Microsoft Corporation for office automation solutions for staff and students.
• CISCO – for student and staff data
  The University of Turin uses some CISCO solutions for VOIP telephony and web conferencing
• CSI – Piemonte – for staff data
  The University of Turin uses CSI services and ICT infrastructure in its solutions that are available to University consortium members for staff.

This data is also used for non-University purposes in the following cases:

• when a public body asks for data for official purposes eg information it needs to send to the Ministry of Education, University and Research, National Student Register, Ministry of Finance, Ministry of Foreign Affairs, Regional Association for the Right to University study, Istat, Cnvsu, Regional Observatory for the University and the right to university study, Job Centres.
• when legal authorities make a request
• some data can be sent at graduation when a company makes a request declaring it will only use that data for purposes of employment or to publicise training and cultural events.

For specific requests, write to [email protected].

The University has appointed System Administrators to manage information systems and ITC infrastructures based on IT security regulations. It has also started procedures to revise contracts/agreements with all suppliers of goods and services in accordance with the European Data Protection Regulation (EU/2016/679). This aims at verifying that the relationship with the University respects EU regulations (European Data Protection Regulation) where the University is the data processing controller. Likewise, the University has started identifying those external companies who process data in order that the Regulation (EU/2016/679) is respected.

For more information on privacy procedures concerning data processing methods, data storage and data transfer beyond EU borders, see the specific privacy policy issues, which are currently being updated.